The Ninja Sensei’s Logbook: Data Collection Done Right

There’s an easy way that may lead to the breach of data protection policies, then there’s the PDPA-compliant way. When it comes to data collection for your business, choose to do it the right way!

Organisations of all sizes practise the use and disclosure of personal data. Of course, it comes with the condition that they must only collect it from individuals who are willing to provide their confidential information in exchange for services offered by that organisation.

Needless to say, the protection of personal data is crucial.

This is because in countries such as Singapore, when there is a failure to prevent valuable data from leaking out, the affected organisation usually covers the risk of paying a hefty financial penalty which can reach up to S$1,000,000.

Moreover, the organisation could also suffer from the closure of business as clients and potential customers receive a bad impression that their data is not safe from your organisation. With this, organisations must handle personal data with the utmost diligence, especially from the data collection stage.

Data collection, done right!

There are several bases to use in collecting the personal data of customers and clients for the organisation. However, such methods must be in accordance with the PDPA to avoid breaching the obligations stated therein.

The following are the legal bases to collect and process personal data in accordance with the PDPA:

✔️ An appropriate notice has been given to or made available to the data subject.

✔️ The data subject has given consent to the processing for the identified purposes.

✔️ The personal data is necessary to fulfil a contract with the data subject.

✔️ The personal data is necessary to comply with a legal obligation.

✔️ The personal data is necessary to protect the vital interests of a natural person.

✔️ The personal data is necessary for the public interest.

There’s nothing to worry, your DPO can help!

There’s nothing to worry when your data collection has its legal basis. Plus, your DPO can help! Whether in-house or outsourced — such as Privacy Nina’s Outsourced DPO Service — DPOs complement the efforts of organisations in making sure that the organisation’s data collection methods are in compliance with the PDPA.

P.S. Got questions or do you need help with your cybersecurity and data protection compliance journey? Don’t hesitate to reach out to us. We are always a text/call or email away!

📱 WhatsApp: +65 8750 4250

📧 email: ninjas@privacy.com.sg

This post first appeared on Andy’s LinkedIn wall. Follow us on the following pages for more updates! Facebook | Twitter | LinkedIn | YouTube | Website